Pipeline: Release 4.4.0.stable28 documentation
Azure Pipeline committed Jun 27, 2023
1 parent c25ab7d commit 24f1214
Showing 3 changed files with 19 additions and 1 deletion.
16 changes: 16 additions & 0 deletions docs/odm/models/alert.md
@@ -24,6 +24,7 @@
| ts | Date | File submission timestamp | :material-checkbox-marked-outline: Yes | `None` |
| type | Keyword | Type of alert | :material-checkbox-marked-outline: Yes | `None` |
| verdict | [Verdict](/assemblyline4_docs/odm/models/alert/#verdict) | Verdict Block | :material-checkbox-marked-outline: Yes | See [Verdict](/assemblyline4_docs/odm/models/alert/#verdict) for more details. |
| events | List [[Event](/assemblyline4_docs/odm/models/alert/#event)] | An audit of events applied to alert | :material-checkbox-marked-outline: Yes | `[]` |
| workflows_completed | Boolean | Have all workflows ran on this alert? | :material-checkbox-marked-outline: Yes | `False` |
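
Review bot: the new `events` row is marked Required: Yes with default `[]`, but its description, "An audit of events applied to alert", does not say whether the list is append-only or in what order entries are kept, which is what a reader relying on it as an audit trail needs to know. Suggest stating that in the description, for example "Chronological, append-only audit of events applied to the alert", if that is the intended behaviour. While here, the neighbouring `workflows_completed` description should read "Have all workflows run on this alert?".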


@@ -91,6 +92,21 @@
| category | List [Keyword] | List of related ATT&CK categories | :material-checkbox-marked-outline: Yes | `[]` |


[comment]: # (AUTOGENERATED MARKDOWN CONTENT. UPDATES TO ODM DOCUMENTATION SHOULD BE DONE THROUGH ASSEMBLYLINE-BASE REPO!)
## Event
> Model of Workflow Event
| Field | Type | Description | Required | Default |
| :--- | :--- | :--- | :--- | :--- |
| entity_type | Enum | Type of entity associated to event<br>Values:<br>`"user", "workflow"` | :material-checkbox-marked-outline: Yes | `None` |
| entity_id | Keyword | ID of entity associated to event | :material-checkbox-marked-outline: Yes | `None` |
| entity_name | Keyword | Name of entity | :material-checkbox-marked-outline: Yes | `None` |
| ts | Date | Timestamp of event | :material-checkbox-marked-outline: Yes | `NOW` |
| labels | List [Keyword] | Labels added during event | :material-minus-box-outline: Optional | `None` |
| status | Enum | Status applied during event<br>Values:<br>`"ASSESS", "MALICIOUS", "NON-MALICIOUS", "TRIAGE"` | :material-minus-box-outline: Optional | `None` |
| priority | Enum | Priority applied during event<br>Values:<br>`"CRITICAL", "HIGH", "LOW", "MEDIUM"` | :material-minus-box-outline: Optional | `None` |


[comment]: # (AUTOGENERATED MARKDOWN CONTENT. UPDATES TO ODM DOCUMENTATION SHOULD BE DONE THROUGH ASSEMBLYLINE-BASE REPO!)
## File
> File Block Associated to the Top-Level/Root File of Submission
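
Review bot: the `## Event` blockquote says "Model of Workflow Event", yet `entity_type` accepts both `"user"` and `"workflow"`, so the summary understates what the model records; something like "Model of an alert event (user or workflow action)" would match the enum. In the same table, `labels` is `List [Keyword]` with default `None`, whereas the `category` row just above it defaults to `[]`; consumers will have to handle both a missing and an empty list unless the default is aligned. It is also worth documenting that `labels`, `status` and `priority` are all Optional, so the table permits an event that records no change at all.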
2 changes: 1 addition & 1 deletion docs/odm/models/statistics.md
@@ -7,7 +7,7 @@
| count | Integer | Count of statistical hits | :material-checkbox-marked-outline: Yes | `0` |
| min | Integer | Minimum value of all stastical hits | :material-checkbox-marked-outline: Yes | `0` |
| max | Integer | Maximum value of all stastical hits | :material-checkbox-marked-outline: Yes | `0` |
| avg | Integer | Anerage of all stastical hits | :material-checkbox-marked-outline: Yes | `0` |
| avg | Integer | Average of all stastical hits | :material-checkbox-marked-outline: Yes | `0` |
| sum | Integer | Sum of all stastical hits | :material-checkbox-marked-outline: Yes | `0` |
| first_hit | Date | Date of first hit of statistic | :material-minus-box-outline: Optional | `None` |
| last_hit | Date | Date of last hit of statistic | :material-minus-box-outline: Optional | `None` |
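
Review bot: the `avg` row fixes "Anerage" but leaves "stastical" in the same description, and the `min`, `max` and `sum` rows carry the same misspelling; correct all four to "statistical" in one pass. `avg` is also typed `Integer`, which is worth confirming, since the mean of integer hits is generally not an integer. Per the AUTOGENERATED comment visible in the alert.md hunk, the wording should be fixed in the assemblyline-base ODM source rather than in this file.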
2 changes: 2 additions & 0 deletions docs/odm/models/workflow.md
@@ -8,11 +8,13 @@
| creation_date | Date | Creation date of the workflow | :material-checkbox-marked-outline: Yes | `NOW` |
| creator | Keyword | UID of the creator of the workflow | :material-checkbox-marked-outline: Yes | `None` |
| edited_by | Keyword | UID of the last user to edit the workflow | :material-checkbox-marked-outline: Yes | `None` |
| first_seen | Date | Date of first hit on workflow | :material-minus-box-outline: Optional | `None` |
| hit_count | Integer | Number of times there was a workflow hit | :material-checkbox-marked-outline: Yes | `0` |
| labels | List [Keyword] | Labels applied by the workflow | :material-checkbox-marked-outline: Yes | `[]` |
| last_edit | Date | Date of last edit on workflow | :material-checkbox-marked-outline: Yes | `NOW` |
| last_seen | Date | Date of last hit on workflow | :material-minus-box-outline: Optional | `None` |
| name | Keyword | Name of the workflow | :material-checkbox-marked-outline: Yes | `None` |
| origin | Keyword | Which did this originate from? | :material-minus-box-outline: Optional | `None` |
| priority | Enum | Priority applied by the workflow<br>Values:<br>`"CRITICAL", "HIGH", "LOW", "MEDIUM", None` | :material-minus-box-outline: Optional | `None` |
| query | Keyword | Query that the workflow runs | :material-checkbox-marked-outline: Yes | `None` |
| status | Enum | Status applied by the workflow<br>Values:<br>`"ASSESS", "MALICIOUS", "NON-MALICIOUS", "TRIAGE", None` | :material-minus-box-outline: Optional | `None` |
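
Review bot: the `origin` row's description, "Which did this originate from?", is missing a noun and does not tell the reader what value to expect; say what the field holds once that is confirmed against the model. The `priority` and `status` rows list `None` among the enum values, while the matching rows of the `Event` model in alert.md do not, although both sets are Optional with default `None`; pick one convention. `first_seen` and `last_seen` default to `None` while `hit_count` defaults to `0`, so it would help to note that they stay unset until the first hit.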